Tag: detection
-
AI Cloaking Tools Enable HarderDetect Cyber-Attacks
Cybercriminals are using AI cloaking tools to evade detection, disguising phishing and malware sites First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ai-cloaking-tools-enable-complex/
-
China-linked hackers target Taiwan chip firms in a coordinated espionage campaign
Tags: access, ai, attack, china, compliance, control, credentials, cyber, cybersecurity, detection, email, espionage, exploit, finance, framework, government, group, hacker, intelligence, international, login, monitoring, network, phishing, software, supply-chain, technology, threat, warfareInvestment banks in the crosshairs: A second group, UNK_DropPitch, targeted the financial ecosystem surrounding Taiwan’s semiconductor industry. This group conducted phishing campaigns against investment banks, focusing on individuals specializing in Taiwanese semiconductor analysis. The phishing emails purported to come from fictitious financial firms seeking collaboration opportunities.The third group, UNK_SparkyCarp, focused on credential harvesting through sophisticated…
-
How AI is changing the GRC strategy
Tags: access, ai, best-practice, breach, business, ciso, compliance, control, data, detection, finance, framework, fraud, governance, grc, guide, law, monitoring, network, nist, privacy, regulation, risk, risk-analysis, risk-management, strategy, threat, toolAdapting existing frameworks with AI risk controls: AI risks include data safety, misuse of AI tools, privacy considerations, shadow AI, bias and ethical considerations, hallucinations and validating results, legal and reputational issues, and model governance to name a few.AI-related risks should be established as a distinct category within the organization’s risk portfolio by integrating into…
-
UK NCSC Announces Software Vulnerability Initiative
Agency to Collaborate with External Experts on Vulnerability Research. The U.K. NCSC will collaborate with industry experts for vulnerability detection and mitigation as part of its latest Vulnerability Research Initiative. The announcement comes on the heels of funding concerns for the U.S. government-based Common Vulnerabilities and Exposures program. First seen on govinfosecurity.com Jump to article:…
-
Google finds custom backdoor being installed on SonicWall network devices
Overstep backdoor nukes key log entries, making detection hard. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/07/google-finds-custom-backdoor-being-installed-on-sonicwall-network-devices/
-
SquidLoader Deploys Stealthy Malware with Near-Zero Detection to Evade Security Measures
A fresh variant of SquidLoader malware has surfaced, actively entering Hong Kong institutions with previously unheard-of stealth, which is alarming for the financial industry. This sophisticated loader achieves near-zero detection rates on platforms like VirusTotal, leveraging intricate anti-analysis, anti-sandbox, and anti-debugging mechanisms to deploy Cobalt Strike Beacons for remote access. The malware’s attack chain begins…
-
One click to compromise: Oracle Cloud Code Editor flaw exposed users to RCE
Attacks could have a wider blast radius: Because Code Editor operates on the same underlying file system as the Cloud Shell, essentially a Linux home directory in the cloud, attackers could tamper with files used by other integrated services. This turns the flaw in the seemingly contained developer tool into an exposure for lateral movement…
-
iCounter Debuts With Mission to Defeat AI-Enabled Threats
Startup Raises $30M, Uses Risk Intelligence to Preempt Reconnaissance Attacks. Former FireEye and Mandiant leader John Watters unveils iCounter, a new cyber risk intelligence startup focused on targeted attacks and AI-enabled adversaries. Backed by Syn Ventures, the firm aims to transform threat detection with deeper visibility into attacker reconnaissance. First seen on govinfosecurity.com Jump to…
-
Best AI Deepfake and Scam Detection Tools for Security
Explore the best AI deepfake detection tools to spot fake videos, images, and audio. Compare real-time analysis, accuracy, and features for your needs. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/cybersecurity/best-ai-deepfake-detection-tools/
-
Konfety Android Malware Exploits ZIP Tricks to Masquerade as Legit Apps on Google Play
Security researchers from zLabs have discovered a more advanced version of the Konfety Android malware, which uses complex ZIP-level changes to avoid detection and mimic genuine apps on the Google Play Store, marking a dramatic increase in mobile dangers. This malware employs an >>evil-twin
-
Email Filters Defeated by Polyglot File Trick Used in Malware Campaigns
Attackers are increasingly using advanced disguising techniques, such polyglot files, to get around email filters and successfully send phishing payloads in the constantly changing world of cyber threats. These polyglot files, which can be interpreted as multiple file formats simultaneously, allow malicious content to evade detection by appearing benign to security scanners. This shift marks…
-
New Konfety Malware Variant Evades Detection by Manipulating APKs and Dynamic Code
Cybersecurity researchers have discovered a new, sophisticated variant of a known Android malware referred to as Konfety that leverages the evil twin technique to enable ad fraud.The sneaky approach essentially involves a scenario wherein two variants of an application share the same package name: A benign “decoy” app that’s hosted on the Google Play Store…
-
Attackers Hide JavaScript in SVG Images to Lure Users to Malicious Sites
Beware! SVG images are now being used with obfuscated JavaScript for stealthy redirect attacks via spoofed emails. Get insights from Ontinue’s latest research on detection and defence. First seen on hackread.com Jump to article: hackread.com/attackers-hide-javascript-svg-images-malicious-sites/
-
Android Malware Konfety evolves with ZIP manipulation and dynamic loading
A new Konfety Android malware variant uses a malformed ZIP and obfuscation to evade detection, posing as fake apps with no real functionality. Zimporium zLabs researchers are tracking a new, sophisticated Konfety Android malware variant that uses an >>evil-twin
-
Threat Actors Exploit SVG Files in Stealthy JavaScript Redirects
A new phishing campaign uses SVG files for JavaScript redirects, bypassing traditional detection methods First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/hackers-svg-files-javascript/
-
How phishers are weaponizing SVG images in zero-click, evasive campaigns
Innovative, evasive, and targeted campaigns: Researchers pointed out that traditional endpoint detection, antivirus tools, and even email filters struggle to spot this threat because image files like SVGs are rarely considered dangerous. Compared to previous SVG-based attacks that used hosted payloads, this method keeps everything self-contained, further slipping past defenses.Victims span B2B service providers, utilities,…
-
Android malware Konfety uses malformed APKs to evade detection
A new variant of the Konfety Android malware emerged with a malformed ZIP structure along with other obfuscation methods that allow it to evade analysis and detection. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/android-malware-konfety-uses-malformed-apks-to-evade-detection/
-
North Korea-linked actors spread XORIndex malware via 67 malicious npm packages
North Korea-linked hackers uploaded 67 malicious npm packages with XORIndex malware, hitting 17K+ downloads in ongoing supply chain attacks. North Korea-linked threat actors behind the Contagious Interview campaign have uploaded 67 malicious npm packages with XORIndex malware loader, hitting over 17,000 downloads in ongoing supply chain attacks. XORIndex was built to evade detection and deploy…
-
AI poisoning and the CISO’s crisis of trust
Tags: access, ai, breach, ceo, ciso, compliance, control, cybersecurity, data, defense, detection, disinformation, exploit, framework, healthcare, identity, infosec, injection, LLM, monitoring, network, privacy, RedTeam, resilience, risk, russia, saas, threat, tool, trainingFoundation models began parroting Kremlin-aligned propaganda after ingesting material seeded by a large-scale Russian network known as the “Pravda Network.”A high-profile AI-generated reading list published by two American news outlets included 10 hallucinated book titles mistakenly attributed to real authors.Researchers showed that imperceptible perturbations in training images could trigger misclassification. Researchers in the healthcare domain demonstrated…
-
The 10 most common IT security mistakes
Tags: access, attack, backup, best-practice, bsi, business, control, cyber, cyberattack, cybercrime, data, detection, group, incident response, infrastructure, Internet, login, mfa, microsoft, monitoring, network, office, password, ransomware, risk, security-incident, service, skills, strategy, technology, threat, tool, vpn2. Gateway: Weak passwords: The problem: Weak passwords repeatedly make it easier for cybercriminals to gain access to a company network. A domain administrator password with six characters or a local administrator password with only two characters is no obstacle for perpetrators. It is more than clear that this issue is often neglected in practice,…
-
New Grok-4 AI breached within 48 hours using ‘whispered’ jailbreaks
Safety systems cheated by contextual tricks: The attack exploits Grok 4’s contextual memory, echoing its own earlier statements back to it, and gradually guides it toward a goal without raising alarms. Combining Crescendo with Echo Chamber, the jailbreak technique that achieved over 90% success in hate speech and violence tests across top LLMs, strengthens the…
-
8 tough trade-offs every CISO must navigate
Tags: access, ai, attack, business, ciso, cloud, compliance, computer, cyber, cybersecurity, ddos, defense, detection, framework, group, healthcare, incident response, jobs, malicious, mfa, regulation, resilience, risk, service, technology, threat, tool, vulnerability2. Weighing security investments when the budget forces choices: Closely related to the trade-off around risk is what CISOs must navigate when it comes to security investments.”For most CISOs, when they have to make tough choices, 99% of the time it’s due to budget constraints that force them to weight risks versus rewards,” says John…
-
COMmander: Network-Based Tool for COM and RPC Exploitation
The need for solutions that improve detection skills against sophisticated attacks is growing in the ever-changing cybersecurity world. COMmander emerges as a lightweight, C#-based utility designed to bolster defensive telemetry by monitoring Remote Procedure Call (RPC) and Component Object Model (COM) activities at a granular level. Developed to address gaps in identifying network-based exploitations involving…
-
Watchguard Analysis Surfaces Major Spike in Malware Detections
An analysis of cyberattacks shared this week by Watchguard Technologies finds there was a 171% increase in total unique network malware detections and a 712% increase in endpoint detections in the first quarter of 2025 compared with the previous quarter. At the same time, the number of ransomware attacks declined 85% from the previous quarter,..…
-
AWS bolsters security tools to help customers manage AI risks
Amazon Web Services has unveiled new and updated security services, including container-level threat detection and a unified command centre, to help organisations build and secure artificial intelligence applications First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366627572/AWS-bolsters-security-tools-to-help-customers-manage-AI-risks
-
SLOW#TEMPEST Hackers Adopt New Evasion Tactics to Bypass Detection Systems
Security researchers have uncovered a sophisticated evolution in the SLOW#TEMPEST malware campaign, where threat actors are deploying innovative obfuscation methods to evade detection and complicate analysis. This variant, distributed via an ISO file containing a mix of benign and malicious components, leverages DLL sideloading through a legitimate signed binary, DingTalk.exe, to load a malicious DLL…
-
Ducex Packer for Android Evades Detection with Heavy Obfuscation Techniques
The team at ANY.RUN recently reviewed a powerful Android packer called Ducex, which is linked to the infamous Triada malware, and criticized it for its sophisticated obfuscation methods. First identified within a fake Telegram app, Ducex serves as a protective shell for Triada, one of the most sophisticated Android trojans since its debut in 2016.…
-
AirMDR Tackles Security Burdens for SMBs With AI
This security startup provides managed detection and response services for small-to-midsized businesses to detect and address modern threats such as ransomware, phishing attacks, and malicious insiders. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/airmdr-tackles-smb-security-burdens-with-ai